From 7b796552a67a17c2352f6dcc5c8473d9f4ce94d5 Mon Sep 17 00:00:00 2001 From: Jack Plowman <62281988+JackPlowman@users.noreply.github.com> Date: Tue, 1 Jul 2025 08:57:06 +0100 Subject: [PATCH 1/2] NPA-4986: Run Prettier on .github folder --- .github/dependabot.yml | 107 ++++++++++--------- .github/workflows/codeql-analysis.yml | 44 ++++---- .github/workflows/continuous-integration.yml | 77 +++++++------ .github/workflows/dependency-review.yml | 22 ++-- .github/workflows/openapi-validate.yml | 2 +- .github/workflows/prettier-checks.yml | 2 +- 6 files changed, 127 insertions(+), 127 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 249d6721..7229021c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,57 +1,58 @@ version: 2 updates: + - package-ecosystem: "github-actions" + directory: "/" + open-pull-requests-limit: 1 + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + commit-message: + prefix: "github actions " + include: scope + groups: + github-dependencies: + patterns: + - "*" - - package-ecosystem: "github-actions" - directory: "/" - open-pull-requests-limit: 1 - schedule: - interval: "weekly" - day: "monday" - time: "09:00" - commit-message: - prefix: "github actions " - include: scope - groups: - github-dependencies: - patterns: - - "*" + - package-ecosystem: "pip" + directories: + - "/" + - "/sandbox" + open-pull-requests-limit: 1 + versioning-strategy: auto + ignore: + - dependency-name: "*" + update-types: + ["version-update:semver-minor", "version-update:semver-patch"] + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + commit-message: + prefix: "pip " + include: scope + groups: + python-dependencies: + patterns: + - "*" - - package-ecosystem: "pip" - directories: - - "/" - - "/sandbox" - open-pull-requests-limit: 1 - versioning-strategy: auto - ignore: - - dependency-name: "*" - update-types: ["version-update:semver-minor", "version-update:semver-patch"] - schedule: - interval: "weekly" - day: "monday" - time: "09:00" - commit-message: - prefix: "pip " - include: scope - groups: - python-dependencies: - patterns: - - "*" - - - package-ecosystem: "npm" - directory: "/" - open-pull-requests-limit: 1 - versioning-strategy: auto - ignore: - - dependency-name: "*" - update-types: ["version-update:semver-minor", "version-update:semver-patch"] - schedule: - interval: "weekly" - day: "monday" - time: "09:00" - commit-message: - prefix: "npm " - include: scope - groups: - npm-dependencies: - patterns: - - "*" + - package-ecosystem: "npm" + directory: "/" + open-pull-requests-limit: 1 + versioning-strategy: auto + ignore: + - dependency-name: "*" + update-types: + ["version-update:semver-minor", "version-update:semver-patch"] + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + commit-message: + prefix: "npm " + include: scope + groups: + npm-dependencies: + patterns: + - "*" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 48f9af78..946a3f56 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,26 +1,26 @@ name: Code QL Analysis "on": - push: - branches: [master] - pull_request: - branches: [master] - schedule: - - cron: 30 1 * * 0 + push: + branches: [master] + pull_request: + branches: [master] + schedule: + - cron: 30 1 * * 0 permissions: - contents: read + contents: read jobs: - CodeQL-Build: - name: CodeQL Analysis - runs-on: ubuntu-latest - permissions: - security-events: write - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: python - queries: security-extended - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + CodeQL-Build: + name: CodeQL Analysis + runs-on: ubuntu-latest + permissions: + security-events: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: python + queries: security-extended + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index 0dafa5ea..e306d5b1 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -2,43 +2,42 @@ name: Create Release on: push jobs: - create_release: - name: build - runs-on: ubuntu-latest - if: github.ref == 'refs/heads/master' - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 # This causes all history to be fetched, which is required for calculate-version to function - - - name: Install Python 3.8 - uses: actions/setup-python@v5 - with: - python-version: 3.8 - - - name: Upgrade python pip - run: python -m pip install --upgrade pip - - - name: Install git - run: pip install gitpython - - - name: Install semver - run: pip install semver - - - name: Set SPEC_VERSION env var - run: echo ::set-env name=SPEC_VERSION::$(python scripts/calculate_version.py) - env: - ACTIONS_ALLOW_UNSECURE_COMMANDS: true - - - name: Create release (master only) - id: create-release + create_release: + name: build + runs-on: ubuntu-latest if: github.ref == 'refs/heads/master' - uses: actions/create-release@v1 - continue-on-error: true - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ env.SPEC_VERSION }} - release_name: ${{ env.SPEC_VERSION }} - + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 # This causes all history to be fetched, which is required for calculate-version to function + + - name: Install Python 3.8 + uses: actions/setup-python@v5 + with: + python-version: 3.8 + + - name: Upgrade python pip + run: python -m pip install --upgrade pip + + - name: Install git + run: pip install gitpython + + - name: Install semver + run: pip install semver + + - name: Set SPEC_VERSION env var + run: echo ::set-env name=SPEC_VERSION::$(python scripts/calculate_version.py) + env: + ACTIONS_ALLOW_UNSECURE_COMMANDS: true + + - name: Create release (master only) + id: create-release + if: github.ref == 'refs/heads/master' + uses: actions/create-release@v1 + continue-on-error: true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ env.SPEC_VERSION }} + release_name: ${{ env.SPEC_VERSION }} diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index c4dd63bc..1128670b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -1,15 +1,15 @@ name: Dependency Review "on": [pull_request] permissions: - contents: read + contents: read jobs: - dependency-review: - name: Dependency Review - runs-on: ubuntu-latest - steps: - - name: Checkout Repository - uses: actions/checkout@v4 - - name: Dependency Review - uses: actions/dependency-review-action@v4 - with: - allow-ghsas: GHSA-w596-4wvx-j9j6 # Due to APIM Pytest dependency + dependency-review: + name: Dependency Review + runs-on: ubuntu-latest + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + - name: Dependency Review + uses: actions/dependency-review-action@v4 + with: + allow-ghsas: GHSA-w596-4wvx-j9j6 # Due to APIM Pytest dependency diff --git a/.github/workflows/openapi-validate.yml b/.github/workflows/openapi-validate.yml index cdb5f121..56b350ef 100644 --- a/.github/workflows/openapi-validate.yml +++ b/.github/workflows/openapi-validate.yml @@ -40,7 +40,7 @@ jobs: name: "GET /Questionnaire", make_target: "schema-get-questionnaire", }, - { name: "Errors", make_target: "schema-errors" } + { name: "Errors", make_target: "schema-errors" }, ] steps: - name: Checkout repository diff --git a/.github/workflows/prettier-checks.yml b/.github/workflows/prettier-checks.yml index 06233d73..4332971c 100644 --- a/.github/workflows/prettier-checks.yml +++ b/.github/workflows/prettier-checks.yml @@ -17,7 +17,7 @@ jobs: - name: Setup Node uses: actions/setup-node@v4 with: - node-version: 22 + node-version: 22 - name: Install dependencies shell: bash From 4be51f693c4791d63fba0356bba73e7b9632f939 Mon Sep 17 00:00:00 2001 From: Jack Plowman <62281988+JackPlowman@users.noreply.github.com> Date: Tue, 1 Jul 2025 09:20:42 +0100 Subject: [PATCH 2/2] NPA-4986: Fix incorrect error codes and improve spec --- .../validated-relationships-service-api.yaml | 29 +++++++++---------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/specification/validated-relationships-service-api.yaml b/specification/validated-relationships-service-api.yaml index f4d5b877..568182c3 100644 --- a/specification/validated-relationships-service-api.yaml +++ b/specification/validated-relationships-service-api.yaml @@ -119,15 +119,16 @@ info: ## Open source You might find the following [open source](https://digital.nhs.uk/developer/guides-and-documentation/reference-guide#open-source) resources useful: - | Resource | Description | Links | - |---------------------------|----------------------------------------------------------------------|--------------------------------------------------------------------------------| - | Validated Relationships FHIR API | Source code for the API proxy, sandbox and specification. | [GitHub repo](https://github.com/NHSDigital/validated-relationships-service-api) | - | FHIR libraries and SDKs | Various open source libraries for integrating with FHIR APIs. | [FHIR libraries and SDKs](https://digital.nhs.uk/developer/guides-and-documentation/api-technologies-at-nhs-digital#fhir-libraries-and-sdks) | - | nhs-number | Python package containing utilities for NHS numbers including validity checks, normalisation and generation. | [GitHub repo](https://github.com/uk-fci/nhs-number) \| [Python Package index](https://pypi.org/project/nhs-number/) \| [Docs](https://nhs-number.uk-fci.tech/) | + | Resource | Description | Links | + | -------------------------------- | ------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------- | + | Validated Relationships FHIR API | Source code for the API proxy, sandbox and specification. | [GitHub repo](https://github.com/NHSDigital/validated-relationships-service-api) | + | FHIR libraries and SDKs | Various open source libraries for integrating with FHIR APIs. | [FHIR libraries and SDKs](https://digital.nhs.uk/developer/guides-and-documentation/api-technologies-at-nhs-digital#fhir-libraries-and-sdks) | + | nhs-number | Python package containing utilities for NHS numbers including validity checks, normalisation and generation. | [GitHub repo](https://github.com/uk-fci/nhs-number) \| [Python Package index](https://pypi.org/project/nhs-number/) \| [Docs](https://nhs-number.uk-fci.tech/) | We currently don't have any open source client libraries or sample code for this API and the source code for the PDS FHIR back end (the Core Spine source code) is not currently in the open. If you think this would be useful, [contact us](https://digital.nhs.uk/developer/help-and-support). ## Environments and testing + | Environment | Base URL | | ----------------- | ------------------------------------------------------------------------------------ | | Sandbox | `https://sandbox.api.service.nhs.uk/validated-relationships/FHIR/R4/` | @@ -246,8 +247,7 @@ paths: | HTTP status | Error code | Description | | ----------- | ---------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | - | 400 | `BAD_REQUEST` | Bad request. | - | 400 | `NOT_SUPPORTED` | The request is not currently supported. | + | 400 | `BAD_REQUEST` | Bad request. For details, see the `diagnostics` | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | @@ -270,7 +270,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `GATEWAY_ERROR` | Connection to the backend service failed. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | content: application/fhir+json: @@ -362,7 +362,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `GATEWAY_ERROR` | Connection to the backend service failed. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | content: application/fhir+json: @@ -485,7 +485,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `GATEWAY_ERROR` | Connection to the backend service failed. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | content: application/fhir+json: @@ -602,7 +602,6 @@ paths: | 400 | `MISSING_VALUE` | Missing header or parameter. For details, see the `diagnostics` field. | | 400 | `INVALID_VALUE` | Invalid header. For details, see the `diagnostics` field. | | 400 | `MISSING_IDENTIFIER_VALUE` | Missing performer:identifier or patient:identifier value. | - | 400 | `NOT_SUPPORTED` | The request is not currently supported. | | 401 | `ACCESS_DENIED` | Missing or invalid OAuth 2.0 bearer token in request. | | 403 | `FORBIDDEN` | Access denied to resource. | | 404 | `INVALIDATED_RESOURCE` | Resource that has been marked as invalid was requested - invalid resources cannot be retrieved | @@ -642,7 +641,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `GATEWAY_ERROR` | Connection to the backend service failed. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | | 503 | `DOWNSTREAM_SERVICE_ERROR` | A downsteam service has failed, request cannot be completed. | content: @@ -767,7 +766,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `GATEWAY_ERROR` | Connection to the backend service failed. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | | 503 | `DOWNSTREAM_SERVICE_ERROR` | A downsteam service has failed, request cannot be completed. | content: @@ -881,7 +880,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `GATEWAY_ERROR` | Connection to the backend service failed. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | | 503 | `DOWNSTREAM_SERVICE_ERROR` | A downsteam service has failed, request cannot be completed. | content: @@ -1028,7 +1027,7 @@ paths: | HTTP status | Error code | Description | | ----------- | -------------------------- | ------------------------------------------------------------ | | 500 | `SERVER_ERROR` | An unexpected internal server error has occurred. | - | 502 | `GATEWAY_ERROR` | Connection to the backend service failed. | + | 502 | `BAD_GATEWAY` | Connection to the backend service failed. | | 503 | `DOWNSTREAM_SERVICE_ERROR` | A downsteam service has failed, request cannot be completed. | content: